jgit/jgit at 4d6046da771b4b25431b0590e039645bf6c07345 - jgit

motiejus

jgit

History

Dave Borowitz d5a71e9ca3 Store push certificates in refs/meta/push-certs Inspired by a proposal from gitolite[1], where we store a file in a tree for each ref name, and the contents of the file is the latest push cert to affect that ref. The main modification from that proposal (other than lacking the out-of-git batching) is to append "@{cert}" to filenames, which allows storing certificates for both refs/foo and refs/foo/bar. Those refnames cannot coexist at the same time in a repository, but we do not want to discard the push certificate responsible for deleting the ref, which we would have to do if refs/foo in the push cert tree changed from a tree to a blob. The "@{cert}" syntax is at least somewhat consistent with gitrevisions(7) wherein @{...} describe operators on ref names. As we cannot (currently) atomically update the push cert ref with the refs that were updated, this operation is inherently racy. Kick the can down the road by pushing this burden on callers. [1] `cf062b8bb6/contrib/hooks/repo-specific/save-push-signatures` Change-Id: Id3eb32416f969fba4b5e4d9c4b47053c564b0ccd	2015-07-10 13:16:37 -07:00
..
gitrepo/internal	Add support to <include> tag in repo manifest xml.	2014-08-13 13:04:28 -07:00
internal	Store push certificates in refs/meta/push-certs	2015-07-10 13:16:37 -07:00

Dave Borowitz d5a71e9ca3 Store push certificates in refs/meta/push-certs

Inspired by a proposal from gitolite[1], where we store a file in
a tree for each ref name, and the contents of the file is the latest
push cert to affect that ref.

The main modification from that proposal (other than lacking the
out-of-git batching) is to append "@{cert}" to filenames, which allows
storing certificates for both refs/foo and refs/foo/bar. Those
refnames cannot coexist at the same time in a repository, but we do
not want to discard the push certificate responsible for deleting the
ref, which we would have to do if refs/foo in the push cert tree
changed from a tree to a blob.

The "@{cert}" syntax is at least somewhat consistent with
gitrevisions(7) wherein @{...} describe operators on ref names.

As we cannot (currently) atomically update the push cert ref with the
refs that were updated, this operation is inherently racy. Kick the can
down the road by pushing this burden on callers.

[1] cf062b8bb6/contrib/hooks/repo-specific/save-push-signatures

Change-Id: Id3eb32416f969fba4b5e4d9c4b47053c564b0ccd

2015-07-10 13:16:37 -07:00

gitrepo/internal Add support to <include> tag in repo manifest xml. 2014-08-13 13:04:28 -07:00

internal Store push certificates in refs/meta/push-certs 2015-07-10 13:16:37 -07:00